cap-apps-da-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Creating a New App" workflow explicitly allows using remote templates (e.g., "da new my-app --template github.com/user/repo"), which fetches arbitrary public GitHub repos (untrusted, user-generated content) and uses their files to scaffold projects, so third-party content is ingested and can alter subsequent behavior.